IN THE CLAIMS: 



The following listing of claims will replace all prior versions, and listings, of 
claims in the application. 

1 . (currently amended) A method comprising: 

populating a directory with entries for each of a plurality of users of a multi-user 
computing environment, wherein each entry in the directory comprises a 
user ID and one or more group names , wherein each of the one or more 
group names corresponds to a group to which the user ID belongs, and 
wherein at least one of the entries in the directory comprises a first group 
name of the one or more group names ; 

determining a first group access control list for [[a]] the first on© group name ef 
the group names in the directory , wherein the first group access control list 
comprises the user IDs of users whose directory entries comprise the first 
group name , and wherein the first group access control list is stored 
outside of the directory ; 

for each data source in the multi-user computing environment which permits 
access by the first group name, granting access to the respective data 
source to the users in the first group access control list. 

2. (original) The method of claim 1, 

wherein each entry in the directory comprises a user password; and 
wherein the method further comprises authenticating each user ID using the 
associated user password. 

3 . (original) The method of claim 1 , 

wherein each entry in the directory comprises zero, one, or a plurality of 
hostnames; 

wherein the directory comprises a first hostname; and 
wherein the method further comprises: 
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for each data source in the multi-user computing environment which 
permits access by the first hostname, granting access to the data 
source to the one or more users whose directory entries comprise 
the first hostname and who are seeking access from the host 
having the first hostname. 

4. (original) The method of claim 1, 

wherein the data source comprises a file or a directory in a file system coupled to 
the multi-user computing environment. 

5. (original) The method of claim 1, 

wherein the access comprises read access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to read the data source. 

6. (original) The method of claim 1, 

wherein the access comprises write access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to write to the data source. 

7. (original) The method of claim 1, 

wherein the access comprises execute access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to execute the data source. 

8. (original) The method of claim 1, 

for each data source in the multi-user computing environment which permits 
access by the first group name and owner but denies access to others, 
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denying access to the data source to users who are not in the first group 
access control list and who are not the owner of the data source. 

(original) The method of claim 1 , 

wherein the multi-user computing environment comprises a UNIX-based 
operating system, 

(currently amended) A system comprising: 

a file system which comprises one or more data sources including a first data 
source; 

a directory server which is operable configured to store a plurality of directory 
entries in a directory for a plurality of users, wherein each directory entry 
comprises a user ID and one or more group names which denote groups to 
which the user ID belongs, wherein at least one of the directory entries 
comprises a first group name of the one or more group names ; and 

a first group access control list which is generated from the directory entries, 
wherein the first group access control list is stored in the file system 
outside of the directory server, wherein the first group access control list 
comprises the at least one user IDs belonging to the first group name, and 
wherein the first group access control list is usable to permit access to the 
first data source to user IDs belonging to the first group name. 

(original) The system of claim 10, 

wherein each entry in the directory comprises a user password, wherein the user 
password is usable to authenticate the corresponding user ID for access to 
the one or more data sources. 

(original) The system of claim 10, further comprising: 

a host computer system coupled to the file system; 
wherein each entry in the directory comprises zero, one, or a plurality of host 

names such that the directory server comprises a first host name 



corresponding to the host computer system, and wherein access is granted 
to the first data sources to users seeking access from the host computer 
system. 

(original) The system of claim 10, 

wherein the access to the first data source comprises read access, 
(original) The system of claim 10, 

wherein the access to the first data source comprises write access, 
(original) The system of claim 10, 

wherein the access to the first data source comprises execute access, 
(original) The system of claim 10, further comprising: 

an operating system which is operable to restrict user access to the data sources in 
the file system. 

(currently amended) A carrier medium comprising program instructions which are 
computer-executable to implement: 

populating a directory with entries for each of a plurality of users of a multi-user 
computing environment, wherein each entry in the directory comprises a 
user ID and one or more group names , wherein each of the one or more 
group names corresponds to a group to which the user ID belongs, and 
wherein at least one of the entries in the directory comprises a first group 
name of the one or more group names ; 
determining a first group access control list for [[a]] the first one group name ef 
the group name s in the directory , wherein the first group access control list 
comprises the user IDs of users whose directory entries comprise the first 
group name , and wherein the first group access control list is stored 
outside of the directory ; 



13. 



14. 



15. 



16. 



17. 
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for each data source in the multi-user computing environment which permits 
access by the first group name, granting access to the respective data 
source to the users in the first group access control list. 

(original) The carrier medium of claim 17, 

wherein each entry in the directory comprises a user password; and 
wherein the program instructions are further computer-executable to implement 
authenticating each user ID using the associated user password. 

(original) The carrier medium of claim 17, 

wherein each entry in the directory comprises zero, one, or a plurality of 
hostnames; 

wherein the directory comprises a first hostname; and 

wherein the program instructions are further computer-executable to implement : 
for each data source in the multi-user computing environment which 
permits access by the first hostname, granting access to the data 
source to the one or more users whose entries comprise the first 
hostname and who are seeking access from the host having the 
first hostname. 

(original) The carrier medium of claim 17, 

wherein the data source comprises a file or a directory in a file system coupled to 
the multi-user computing environment. 

(original) The carrier medium of claim 17, 
wherein the access comprises read access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to read the data source. 

(original) The carrier medium of claim 17, 



wherein the access comprises write access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to write to the data source. 

23. (original) The carrier medium of claim 17, 
wherein the access comprises execute access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to execute the data source. 

24. (original) The carrier medium of claim 17, wherein the program instructions are 
further computer-executable to implement: 

for each data source in the multi-user computing environment which permits 
access by the first group name and owner but denies access to others, 
denying access to the data source to users who are not in the first group 
access control list and who are not the owner of the data source. 

25. (original) The carrier medium of claim 17, 

wherein the multi-user computing environment comprises a UNIX-based 
operating system. 
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